CVE-2026-4359 Heap-buffer-over-read in _mongoc_http_send via strstr on non-null-terminated buffer

A compromised third party cloud server or man-in-the-middle attacker could send a malformed HTTP response and cause a crash in applications using the MongoDB C driver...

PT-2020-18343 · Ruby +1 · Puma +1

Name of the Vulnerable Software and Affected Versions: Puma RubyGem versions prior to 4.3.3 Puma RubyGem versions prior to 3.12.4 Description: The issue allows an attacker to inject malicious content, such as additional headers or an entirely new response body, by using a carriage return characte...

ntopng HTTP Response Splitting Vulnerability

NTOPNG is the next generation version of NTOP, computer software for monitoring traffic on a computer network. A split vulnerability exists in the ntopng HTTP response, which can be exploited by an attacker to have an impact on the integrity of the data...

Mozilla Firefox vulnerable to HTTP response splitting

Overview 1Mozilla Firefox contains a vulnerability in the way it interprets HTTP 1.0 responses from a server. 2Mozilla Firefox, a web browser from Mozilla Corporation and Mozilla Japan, fails to properly handles multiple HTTP headers in server responses. Impact 1If a user views malicious web page...